Security & Testing Claudeスキル

Linux Privilege Escalation

Identifies and exploits Linux system misconfigurations to elevate user privileges to root-level access.

Test-First Development (TDD)

Implements a rigorous test-driven development workflow to ensure code quality through comprehensive test coverage and clear requirements.

Security Audit

Conducts comprehensive security reviews based on OWASP standards and industry best practices to identify and remediate code vulnerabilities.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Web Development Best Practices

Enforces modern web standards for security, performance, and cross-browser compatibility through comprehensive audits.

Test-First Development

Guides the implementation of Test-Driven Development (TDD) workflows to ensure high-quality code through rigorous test-first patterns and comprehensive coverage.

Attack Tree Construction

Builds systematic attack tree visualizations and threat path analyses to identify security vulnerabilities and defense gaps.

Temporal Python Testing

Provides comprehensive strategies and patterns for testing Temporal workflows using pytest, time-skipping, and determinism validation.

Test-First Development Guide

Implements a robust Test-Driven Development workflow to ensure high-quality, bug-resistant code through pre-implementation testing and structured validation.

PatriotForge TDD Patterns

Implements rigorous test-driven development workflows using pytest-asyncio, fakeredis, and automated fixture management.

Security Audit

Conducts comprehensive security reviews and vulnerability assessments following OWASP standards and industry best practices.

ArkUI TDD Testing Patterns

Implements standardized test-driven development practices for ArkUI NG component patterns to ensure high code coverage and reliability.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments using industry-standard tools for networks, web apps, and cloud infrastructure.

Verification Before Completion

Enforces rigorous evidence-based verification before any code task is marked as complete or committed.

Secrets Scanner & Remediation

Scans codebases and Git history for exposed credentials, API keys, and sensitive tokens with automated remediation guidance.

Bug Documentation Assistant

Standardizes the bug reporting process by gathering reproduction steps and maintaining a centralized BUGS.md tracking file.

Security & Bug Auditor

Identifies security vulnerabilities, logic bugs, and code quality issues within git branch changes using a structured multi-phase audit process.

Test-Driven Development Workflow

Enforces a strict red-green-refactor cycle to ensure high-quality, test-backed code implementation for Python services.

PatriotForge Security Operations

Enforces rigorous security standards and full-stack protection protocols across the PatriotForge ERP ecosystem.

Linux Privilege Escalation

Conducts systematic security assessments to identify and exploit privilege escalation vectors on Linux systems.

Security Scanner

Performs comprehensive security audits and vulnerability scans across multiple programming languages and frameworks.

Testing Anti-Pattern Detection

Identifies and refactors common testing anti-patterns to ensure reliable, fast, and maintainable test suites.

RISC-V Simulator Verification

Verifies RISC-V simulator correctness by executing Linux kernel boot sequences and standard baremetal benchmarks.

AWS Penetration Testing & Security Audit

Conducts comprehensive security assessments and penetration testing across Amazon Web Services environments to identify vulnerabilities and privilege escalation paths.

Security Best Practices

Conducts language-specific security reviews and implements secure-by-default coding patterns for Python, JavaScript, and Go projects.

Web App Testing Suite

Automates local web application testing and UI debugging using Playwright and integrated server lifecycle management.

XSS & HTML Injection Security Testing

Identifies and exploits Cross-Site Scripting (XSS) and HTML injection vulnerabilities using advanced detection and bypass techniques.

Threat Mitigation Mapping

Maps identified security threats to specific controls and mitigations to strengthen application defense-in-depth.

Test Generation

Generates comprehensive, high-coverage test suites and edge-case scenarios to ensure software reliability.

Debugging Strategies

Employs systematic debugging techniques and profiling tools to identify and resolve complex code issues across any technology stack.